Microsoft has announced a vulnerability in Samba, the widely used SMB/CIFS protocol for Windows/*nix interoperability. The vulnerability exists in versions 3.5.0 to 4.2.0rc4 and allows malicious clients to manipulate the host such that clients can execute code via a netlogon packet.
There are already patches available for each of the affected versions. For Samba 4.0 and above you can solve the problem simply by including a line to disable netlogon.
On Samba versions 4.0.0 and above, add the line:
to the [global] section of your smb.conf.
To ensure that you are no longer vulnerable, we've added a check to our library of public policies. The check will give you a thumbs up/thumbs down on whether your nodes are patched and allow you to drill down into why they failed.
This node failed the test. We can click on the "check content" portion of the policy results to understand exactly what test was being run and why it failed.
This node was supposed to have the netlogon=disabled solution but evidently the patch was not correctly applied. Having UpGuard there to check our work ensures that we are secure and have a record of the steps taken to ensure compliance.
So how do events like 000webhost's massive data breach involving free web hosting providing 000webhost transpire? In a word, negligence. Gross negligence, to be precise.
Read Blog >
Access to free vulnerability assessment should be a basic right in a world where computing is integral to social and economic life. For our part, we're offering our full product, including vulnerability assessment, free forever for a user's first ten machines.
Read Blog >